cvelist/2018/6xxx/CVE-2018-6674.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "psirt@mcafee.com",
      "DATE_PUBLIC" : "2018-05-09T17:00:00.000Z",
      "ID" : "CVE-2018-6674",
      "STATE" : "PUBLIC",
      "TITLE" : "SB10192 - Network Security Management (NSM) - Cross-Site Scripting (XSS) vulnerability"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : " VirusScan Enterprise (VSE)",
                        "version" : {
                           "version_data" : [
                              {
                                 "affected" : "<",
                                 "platform" : "x86",
                                 "version_name" : "8.8",
                                 "version_value" : "8.8 Patch 11"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "McAfee"
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "Privilege Escalation vulnerability in Microsoft Windows client in McAfee VirusScan Enterprise (VSE) 8.8 allows local users to view configuration information in plain text format via the GUI or GUI terminal commands."
         }
      ]
   },
   "impact" : {
      "cvss" : {
         "attackComplexity" : "HIGH",
         "attackVector" : "PHYSICAL",
         "availabilityImpact" : "HIGH",
         "baseScore" : 6.8,
         "baseSeverity" : "MEDIUM",
         "confidentialityImpact" : "HIGH",
         "integrityImpact" : "HIGH",
         "privilegesRequired" : "HIGH",
         "scope" : "CHANGED",
         "userInteraction" : "REQUIRED",
         "vectorString" : "CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
         "version" : "3.0"
      }
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "Privilege Escalation vulnerability"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10237",
            "refsource" : "CONFIRM",
            "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10237"
         }
      ]
   },
   "source" : {
      "advisory" : "SB10237",
      "discovery" : "EXTERNAL"
   }
}
- Synchronized data. 2018-02-06 10:02:18 -05:00			`{`
- Synchronized data. 2018-05-25 09:21:44 -04:00			`"CVE_data_meta" : {`
			`"ASSIGNER" : "psirt@mcafee.com",`
			`"DATE_PUBLIC" : "2018-05-09T17:00:00.000Z",`
			`"ID" : "CVE-2018-6674",`
			`"STATE" : "PUBLIC",`
			`"TITLE" : "SB10192 - Network Security Management (NSM) - Cross-Site Scripting (XSS) vulnerability"`
- Synchronized data. 2018-02-06 10:02:18 -05:00			`},`
- Synchronized data. 2018-05-25 09:21:44 -04:00			`"affects" : {`
			`"vendor" : {`
			`"vendor_data" : [`
Update CVE-2018-6674.json SB10237 2018-05-24 16:14:52 -05:00			`{`
- Synchronized data. 2018-05-25 09:21:44 -04:00			`"product" : {`
			`"product_data" : [`
Update CVE-2018-6674.json SB10237 2018-05-24 16:14:52 -05:00			`{`
- Synchronized data. 2018-05-25 09:21:44 -04:00			`"product_name" : " VirusScan Enterprise (VSE)",`
			`"version" : {`
			`"version_data" : [`
Update CVE-2018-6674.json SB10237 2018-05-24 16:14:52 -05:00			`{`
- Synchronized data. 2018-05-25 09:21:44 -04:00			`"affected" : "<",`
			`"platform" : "x86",`
			`"version_name" : "8.8",`
			`"version_value" : "8.8 Patch 11"`
Update CVE-2018-6674.json SB10237 2018-05-24 16:14:52 -05:00			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
- Synchronized data. 2018-05-25 09:21:44 -04:00			`"vendor_name" : "McAfee"`
Update CVE-2018-6674.json SB10237 2018-05-24 16:14:52 -05:00			`}`
			`]`
			`}`
			`},`
- Synchronized data. 2018-05-25 09:21:44 -04:00			`"data_format" : "MITRE",`
			`"data_type" : "CVE",`
			`"data_version" : "4.0",`
			`"description" : {`
			`"description_data" : [`
Update CVE-2018-6674.json SB10237 2018-05-24 16:14:52 -05:00			`{`
- Synchronized data. 2018-05-25 09:21:44 -04:00			`"lang" : "eng",`
			`"value" : "Privilege Escalation vulnerability in Microsoft Windows client in McAfee VirusScan Enterprise (VSE) 8.8 allows local users to view configuration information in plain text format via the GUI or GUI terminal commands."`
Update CVE-2018-6674.json SB10237 2018-05-24 16:14:52 -05:00			`}`
			`]`
			`},`
- Synchronized data. 2018-05-25 09:21:44 -04:00			`"impact" : {`
			`"cvss" : {`
			`"attackComplexity" : "HIGH",`
			`"attackVector" : "PHYSICAL",`
			`"availabilityImpact" : "HIGH",`
			`"baseScore" : 6.8,`
			`"baseSeverity" : "MEDIUM",`
			`"confidentialityImpact" : "HIGH",`
			`"integrityImpact" : "HIGH",`
			`"privilegesRequired" : "HIGH",`
			`"scope" : "CHANGED",`
			`"userInteraction" : "REQUIRED",`
			`"vectorString" : "CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",`
			`"version" : "3.0"`
Update CVE-2018-6674.json SB10237 2018-05-24 16:14:52 -05:00			`}`
			`},`
- Synchronized data. 2018-05-25 09:21:44 -04:00			`"problemtype" : {`
			`"problemtype_data" : [`
- Synchronized data. 2018-02-06 10:02:18 -05:00			`{`
- Synchronized data. 2018-05-25 09:21:44 -04:00			`"description" : [`
Update CVE-2018-6674.json SB10237 2018-05-24 16:14:52 -05:00			`{`
- Synchronized data. 2018-05-25 09:21:44 -04:00			`"lang" : "eng",`
			`"value" : "Privilege Escalation vulnerability"`
Update CVE-2018-6674.json SB10237 2018-05-24 16:14:52 -05:00			`}`
			`]`
- Synchronized data. 2018-02-06 10:02:18 -05:00			`}`
			`]`
Update CVE-2018-6674.json SB10237 2018-05-24 16:14:52 -05:00			`},`
- Synchronized data. 2018-05-25 09:21:44 -04:00			`"references" : {`
			`"reference_data" : [`
Update CVE-2018-6674.json SB10237 2018-05-24 16:14:52 -05:00			`{`
- Synchronized data. 2018-05-25 09:21:44 -04:00			`"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10237",`
			`"refsource" : "CONFIRM",`
			`"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10237"`
Update CVE-2018-6674.json SB10237 2018-05-24 16:14:52 -05:00			`}`
			`]`
			`},`
- Synchronized data. 2018-05-25 09:21:44 -04:00			`"source" : {`
			`"advisory" : "SB10237",`
			`"discovery" : "EXTERNAL"`
- Synchronized data. 2018-02-06 10:02:18 -05:00			`}`
			`}`